#Malware

The misbehaving Firefox add-ons were misusing an API that controls how Firefox connects to the internet.

UltimaSMS leverages at least 151 apps that have been downloaded collectively more than 10 million times, to extort money through a fake premium SMS subscription service.

No security defense is perfect, and shadow IT means no company can inventory every single asset that it has. David “moose” Wolpoff, CTO at Randori, discusses strategies for core asset protection given this reality.

The bold move signals a looming clash between Russian ransomware groups and the U.S.

An SQL-injection bug in the BQE Web Suite billing app has not only leaked sensitive information, it’s also let malicious actors execute code and deploy ransomware.

An SQL-injection bug in the BillQuick billing app has not only leaked sensitive information, it’s also let malicious actors execute code and deploy ransomware.

The Nobelium group, linked to Russia's spy agency, is looking to use resellers as a path to infiltrate their valuable downstream customers - and it's working.

The patch, urgently rushed out on Friday, is an emergency fix for the widely deployed platform, whose No. 1 most trafficked site is Amazon’s Seller Central.

By Deeba Ahmed The warning comes days after three rogue packages, okhsa, klow, and klown discovered by DevSecOps firm Sonatype, were removed from the NPM repository. This is a post from HackRead.com Read the original post: CISA warns of trojanized versions of JavaScript library’s NPM package

By Waqas According to Microsoft Security Intelligence, the new variant of UpdateAgent malware is also capable of dropping adware against macOS. This is a post from HackRead.com Read the original post: UpdateAgent malware variant impersonates legitimate macOS software